JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 47.79.201.95

47.79.201.95 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 37%: ?

37%

ISP	Alibaba Cloud LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45102
Domain Name	alibaba-inc.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 47.79.201.95

Whois 47.79.201.95

IP Abuse Reports for 47.79.201.95:

This IP address has been reported a total of 39 times from 21 distinct sources. 47.79.201.95 was first reported on May 26th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 FireGuard Server	2026-06-12 01:25:07 (3 hours ago)	Blocked by OPNsense firewall; 4 hits, proto=tcp, ports=443	Port Scan Hacking
🇨🇦 1gz	2026-06-12 00:28:04 (4 hours ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /lajme/efektivet-e-arrestuar-ne-morine UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Mobile Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-12 00:05:50 (4 hours ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 20:05:42.321300 2026] [security2:error] [pid 16113:tid 16113] [client 47.79.201.95:5876] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williamfitzsimmons.com\|F\|2"] [data ".thehowardtheatre.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/www.thehowardtheatre.com"] [unique_id "aitNVuqdYLg3ovAhiDDBJAAAAAI"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 09:28:51 (19 hours ago)	FortiWeb WAF: 71 attacks detected. Threat Score: 7200. Types: GEO IP(36), Client Management(35). Ori ... show more FortiWeb WAF: 71 attacks detected. Threat Score: 7200. Types: GEO IP(36), Client Management(35). Origin: Singapore. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 03:18:17 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 23:18:10.933550 2026] [security2:error] [pid 1040:tid 1040] [client 47.79.201.95:60678] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kentsmithfamily.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kentsmithfamily.com"] [uri "/Special:Contributions/Opdwodowkdwiidwok_djwkqdwqofhjqwlsqj_jfkmclasdkjfjewlfjkwkdjoiqw_fnedkwdkowfwhi_jiowjiowhfiwkj_rohriowjropwjrofwjrijeiwo_kentsmithfamily.com"] [unique_id "aioo8vwxxLKVVKABtQelAQAAAAI"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 00:10:53 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 47.79.201.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 47.79.201.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 20:10:45.395339 2026] [security2:error] [pid 2215:tid 2228] [client 47.79.201.95:57838] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|behaviorhealth.org\|F\|2"] [data ".borders.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "behaviorhealth.org"] [uri "/www.Borders.com"] [unique_id "ain9BTaU1bOg_ZcALXCBxwAAAEs"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 20:33:17 (1 day ago)	Malicious activity detected	Hacking Web App Attack
🇪🇸 librebit	2026-02-11 04:31:19 (4 months ago)	Brute force	Brute-Force
🇺🇸 ersei.net	2026-01-15 17:50:49 (4 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇮🇹 VHosting	2026-01-08 11:36:20 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 kosada.com	2026-01-05 08:01:39 (5 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 kosada.com	2025-12-26 20:29:34 (5 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
Anonymous	2025-12-14 06:43:51 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 ersei.net	2025-12-13 16:45:38 (5 months ago)	Nonstop scanning with no cooldown or respect for 429.	Bad Web Bot
🇨🇦 1gz	2025-12-13 02:40:56 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /lajme/eduart-lamaj UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 178.178.222.50

🇰🇪 156.0.232.51

🇮🇳 154.221.35.72

🇸🇬 101.47.158.137

🇳🇱 89.21.67.139

🇫🇷 82.208.22.35

🇱🇹 77.90.185.64

🇺🇸 54.240.9.36

🇮🇳 49.207.243.206

🇳🇱 45.148.10.147

🇺🇸 3.143.68.180

🇺🇸 216.25.89.148

🇲🇰 188.44.20.30

🇳🇱 176.65.131.215

🇱🇷 168.253.0.214

🇧🇷 168.194.167.10

🇭🇰 150.5.169.138

🇫🇷 91.196.152.122

🇩🇪 91.92.240.42

🇨🇦 85.217.149.25